Updated selinux-policy packages that fix various bugs are now available.
Security-enhanced Linux is a patch of the Linux® kernel and a number of
utilities with enhanced security functionality designed to add mandatory
access controls to Linux. The Security-enhanced Linux kernel contains new
architectural components originally developed to improve the security of
the Flask operating system. These architectural components provide general
support for the enforcement of many kinds of mandatory access control
policies, including those based on the concepts of Type Enforcement®,
Role-based Access Control, and Multi-level Security.
This package contains the SELinux example policy configuration along with
the Flask configuration information and the application configuration files.
These updated selinux-policy-targeted packages provide fixes for the
following bugs:
* virtio block devices on KVM guests did not properly label those devices
as "system_u:object_r:fixed_disk_device_t". This update properly labels
virtio block devices, which is necessary for virtio support.
* SquirrelMail's configtest failed when in SELinux Enforcing mode because
the httpd process was unable to read symbolic links in the /sbin directory,
which is required for configtest. This policy update allows httpd to read
from /sbin, thus resolving this Enforcing-mode access violation.
* SELinux prevented Samba's winbind from creating directories under the
/var/cache/samba/ directory, which was required in order for Samba to work
as part as an Active Directory Services (ADS) domain. This policy update
enables winbind to create directories under the /var/cache/samba/
directory, thus resolving the problem.
All users of selinux-policy-targeted are advised to upgrade to these
updated packages, which resolve these issues.
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
| Red Hat Desktop (v. 4) |
|
| SRPMS: |
| selinux-policy-targeted-1.17.30-2.152.el4.src.rpm |
fa40203d05c7bfd166d64b0bab2b96c7 |
| |
| IA-32: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| x86_64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| Red Hat Enterprise Linux AS (v. 4) |
|
| SRPMS: |
| selinux-policy-targeted-1.17.30-2.152.el4.src.rpm |
fa40203d05c7bfd166d64b0bab2b96c7 |
| |
| IA-32: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| IA-64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| PPC: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| s390: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| s390x: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| x86_64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| Red Hat Enterprise Linux ES (v. 4) |
|
| SRPMS: |
| selinux-policy-targeted-1.17.30-2.152.el4.src.rpm |
fa40203d05c7bfd166d64b0bab2b96c7 |
| |
| IA-32: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| IA-64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| x86_64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| Red Hat Enterprise Linux WS (v. 4) |
|
| SRPMS: |
| selinux-policy-targeted-1.17.30-2.152.el4.src.rpm |
fa40203d05c7bfd166d64b0bab2b96c7 |
| |
| IA-32: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| IA-64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
| x86_64: |
| selinux-policy-targeted-1.17.30-2.152.el4.noarch.rpm |
abad6363dd1a0c1be2fc8e17d740f655 |
| selinux-policy-targeted-sources-1.17.30-2.152.el4.noarch.rpm |
3898e766dd5f8b0878ff56f439450340 |
| |
(The unlinked packages above are only available from the Red Hat Network)
|
201658 - Squirrelmail configuration problems.
479237 - RHEL4 kvm virtio: selinux-policy-targeted support for virtio block devices
487001 - selinux prevents winbind from creating its kerberos config file
selinux-policy-targeted bug fix update